package com.jingdianjichi.gateway.auth;

import cn.dev33.satoken.stp.StpInterface;
import com.alibaba.cloud.commons.lang.StringUtils;

import com.google.gson.Gson;

import com.google.gson.reflect.TypeToken;
import com.jingdianjichi.auth.domin.constants.AuthConstant;
import com.jingdianjichi.auth.infra.baisc.entity.AuthRolePermission;
import com.jingdianjichi.auth.infra.baisc.entity.AuthUserRole;
import com.jingdianjichi.auth.infra.baisc.service.AuthPermissionService;
import com.jingdianjichi.auth.infra.baisc.service.AuthRolePermissionService;
import com.jingdianjichi.auth.infra.baisc.service.AuthRoleService;
import com.jingdianjichi.auth.infra.baisc.service.AuthUserRoleService;
import com.jingdianjichi.auth.infra.baisc.entity.AuthPermission;
import com.jingdianjichi.auth.infra.baisc.entity.AuthRole;
import com.jingdianjichi.gateway.redis.RedisUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;


import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
import java.util.stream.Collectors;

/**
 * 自定义权限验证接口扩展
 */
@Component
public class StpInterfaceImpl implements StpInterface {
    @Autowired
    private AuthRoleService authRoleService;

    @Autowired
    private AuthRolePermissionService authRolePermissionService;

    @Autowired
    private AuthPermissionService authPermissionService;

    @Autowired
    private AuthUserRoleService authUserRoleService;

    @Autowired
    private RedisUtil redisUtil;

    private String authPermissionPrefix = "auth.permission";

    private String authRolePrefix = "auth.role";


    @Override
    public List<String> getPermissionList(Object loginId, String loginType) {
        // 返回此 loginId 拥有的权限列表
        // 1、直接跟数据库交互（不推荐）
        // 2、redis缓存（需要保证与数据库的强一致性）
        // 3、redis缓存，没有的话，去调用我们的微服务去获取（缓存穿透？？）
        return getAuth(loginId.toString(), authPermissionPrefix);
    }

    @Override
    public List<String> getRoleList(Object loginId, String loginType) {
        return getAuth(loginId.toString(), authRolePrefix);
    }

    /**
     * @Description: 从redis缓存中拿取 用户 拥有的 权限对象列表 或者 角色对象列表
     *              然后会 自动地 与 SaTokenConfigure里面的匹配的对象进行比较，符合要求的登录/角色/权限，才会放行请求
     * @return:
     * @Author:  sky
     * @date:  2024/11/11 20:33
     */
    private List<String> getAuth(String loginId, String prefix) {
        // 从redis缓存中拿数据
        String authKey = redisUtil.buildKey(prefix, loginId.toString());
        String authValue = redisUtil.get(authKey);
        // redis缓存中没有对应的value，返回空集合
        if (StringUtils.isBlank(authValue)) {
            // 回源数据库查询
            if (authRolePrefix.equals(prefix)) {
                AuthRole authRole = new AuthRole();
                authRole.setRoleKey(AuthConstant.NORMAL_USER);
                AuthRole roleResult = authRoleService.queryByCondition(authRole);
                List<AuthRole> roleList = Collections.singletonList(roleResult);
                redisUtil.set(authKey, new Gson().toJson(roleList)); // 回写缓存
                return roleList.stream().map(AuthRole::getRoleKey).collect(Collectors.toList());
            } else if (authPermissionPrefix.equals(prefix)) {
                AuthUserRole userRole = new AuthUserRole();
                userRole.setUserId(Math.toIntExact(Long.valueOf(loginId)));
                List<AuthUserRole> userRoles = authUserRoleService.queryByCondition(userRole);
                if (!CollectionUtils.isEmpty(userRoles)) {
                    Long roleId = Long.valueOf(userRoles.get(0).getRoleId());
                    AuthRolePermission rolePerm = new AuthRolePermission();
                    rolePerm.setRoleId(roleId);
                    List<AuthRolePermission> rolePerms = authRolePermissionService.queryByCondition(rolePerm);
                    List<Long> permIds = rolePerms.stream()
                            .map(AuthRolePermission::getPermissionId)
                            .collect(Collectors.toList());
                    List<AuthPermission> permissions = authPermissionService.queryByPermissionIdList(permIds);
                    redisUtil.set(authKey, new Gson().toJson(permissions)); // 回写缓存
                    return permissions.stream().map(AuthPermission::getPermissionKey).collect(Collectors.toList());
                }
            }
            return Collections.emptyList();
        }


        List<String> authList = new LinkedList<>();
        if (authRolePrefix.equals(prefix)) {
            List<AuthRole> roleList = new Gson().fromJson(authValue, new TypeToken<List<AuthRole>>() {
            }.getType());
            authList = roleList.stream().map(AuthRole::getRoleKey).collect(Collectors.toList());
        } else if (authPermissionPrefix.equals(prefix)) {
            List<AuthPermission> permissionList = new Gson().fromJson(authValue, new TypeToken<List<AuthPermission>>() {
            }.getType());
            authList = permissionList.stream().map(AuthPermission::getPermissionKey).collect(Collectors.toList());
        }
        return authList;
    }


}